<?PHP
// retrieve the variables entered into the (submitted) form
$username1 = @$_POST["user_name"];
$mailadres1 = @$_POST["user_email"];

// let the config.php file connect to the database
include("config.php");


// check if the admin alows this feature: the $AllowForgotPassword variable is set in config.php
if ($AllowForgotPassword == false){die($disabledFeatures);}

// check if the combination of username / mailadres exist
$query = "SELECT * FROM `".$DBprefix."signup` WHERE `user_name` = '$username1' AND `user_email` = '$mailadres1'";
$result = mysql_query($query); 

// if it does retrieve the password and mail it to the user

if ($row = mysql_fetch_array($result)){
	// Generate random numbers as a temporary password
	
	$new_password = generatePassword();
	$new_password1 = md5($new_password);
		// First lets update the database with the new password
		$query = "UPDATE `".$DBprefix."signup` SET `user_pass` = '$new_password1' WHERE `user_name` = '$username1' AND `user_email` = '$mailadres1' ";
		$result = mysql_query($query); 


	// prepare the message (replace %p and %a)
	$message = $message_forgot_password;
	$message = str_replace("%p",$new_password, $message);
	$message = str_replace("%a","%", $message);

	// the text that should be within the message is stored now in the $message variable. 
	// "\n" (without qoutes) indicates a new line.

	$headers = "From: IdeaLAN ACP <no-replay@idealan.net>" . "\r\n" . "Reply-To: no-replay@idealan.net" . "\r\n" . "X-Mailer: PHP/" . phpversion();

	mail($mailadres1, $title_forgot_password, $message, $headers);

	//and print a gage telling that the password was mailed. And that it should arrive soon.
	
	makeform($passwordSent,"DISABLED","HIDDEN");
	
	}
else{
	// if the combination doesn't exist check it the form was filled in (on pageload the form is not filled in).
	// if the form was not filled in, show the "forgot password" page (makeform()). Without an argument since there is no error
	if ($username1 == ""){makeform();}
	else
	// if the form was filled in. show the "forgot password" page (makeform()) with an error on top.
	{makeform($incorrectUserMailaders);}
}

// This function will show the "forgot password" page (makeform()). The argument is an 'optionale' argument.
function makeform($errormessage="", $lock="", $type="submit"){
// for more info how to customize this page check login.php

if (empty($errormessage)) { $errormessage = "Request a new password"; }
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="pl" lang="pl">
<head>
<title>Forgot Password</title>
<meta http-equiv="content-Type" content="text/html; charset=iso-8859-2" />
<meta name='description' content='opis strony' />
<meta name='keywords' content='slowa kluczowe' />
<link rel="Stylesheet" type="text/css" href="g/style.css" />
</head>

<body class="body">

<form name="form1" method="POST" action="forgot.php">

<div id="login">
			<div id="logtop"></div>
			<div id="atlog">
						<div id="btlog">
									<div class="btlogleft">
										&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Login:<br />
										&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;E-mail:
									</div>
									<div class="btlogright">
											<input type="text" name="user_name" class="loguj" value="" <?PHP echo "$lock"; ?> />
											<input type="text" name="user_email" class="loguj" value="" <?PHP echo "$lock"; ?> />
											<input type="submit" class="logok" value="REMIND" <? echo $lock; ?>/> | <a href="login.php"><- Back to login page.</a>

									</div>
<?PHP if ($errormessage != ""){echo "<p> &nbsp; </p><center><font><strong>$errormessage</strong></font></center>";} ?>
						</div>

			</div>
</div>
</div>
</form>
</body>
</html>
<?PHP } ?>